Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/jXfsq-_2CipGq0wifdzOP5Bu42E.roa
File: jXfsq-_2CipGq0wifdzOP5Bu42E.roa (raw, json)
Hash identifier: B+Vl6cetYE9FE60cfwuEU2uuw7BLT4iX6yuDh5BtpGk=
Subject key identifier: 8D:77:EC:AB:EF:F6:0A:2A:46:AB:4C:22:7D:DC:CE:3F:90:6E:E3:61
Certificate issuer: /CN=e0dee1b06ba24a676213f976a4b50c129dcb2b73
Certificate serial: 0196145B3BE3A03164C0281A6AD9069C49A9
Authority key identifier: E0:DE:E1:B0:6B:A2:4A:67:62:13:F9:76:A4:B5:0C:12:9D:CB:2B:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/jXfsq-_2CipGq0wifdzOP5Bu42E.roa
Signing time: Tue 08 Apr 2025 07:44:05 +0000
ROA not before: Tue 08 Apr 2025 07:44:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 719
IP address blocks: 31.7.16.0/20 maxlen: 20
46.182.112.0/21 maxlen: 21
62.142.0.0/16 maxlen: 16
62.148.192.0/19 maxlen: 19
62.216.96.0/19 maxlen: 19
62.240.64.0/19 maxlen: 19
62.248.128.0/17 maxlen: 17
77.109.192.0/18 maxlen: 18
80.81.160.0/19 maxlen: 19
80.88.176.0/20 maxlen: 20
80.186.0.0/16 maxlen: 16
80.248.96.0/19 maxlen: 19
81.197.0.0/16 maxlen: 16
81.209.0.0/17 maxlen: 17
82.103.192.0/18 maxlen: 18
82.118.192.0/19 maxlen: 19
82.141.64.0/18 maxlen: 18
82.215.192.0/18 maxlen: 18
83.245.128.0/17 maxlen: 17
84.230.0.0/15 maxlen: 15
85.76.0.0/14 maxlen: 14
85.156.0.0/16 maxlen: 16
85.157.0.0/16 maxlen: 16
85.217.0.0/17 maxlen: 17
88.112.0.0/14 maxlen: 14
91.152.0.0/13 maxlen: 13
94.22.0.0/16 maxlen: 16
109.163.248.0/21 maxlen: 21
109.232.80.0/21 maxlen: 21
139.97.0.0/16 maxlen: 16
178.251.56.0/21 maxlen: 21
192.77.120.0/22 maxlen: 22
192.102.36.0/24 maxlen: 24
192.102.37.0/24 maxlen: 24
192.102.38.0/24 maxlen: 24
192.102.39.0/24 maxlen: 24
192.102.40.0/24 maxlen: 24
192.102.41.0/24 maxlen: 24
192.102.42.0/24 maxlen: 24
192.102.49.0/24 maxlen: 24
192.102.50.0/24 maxlen: 24
192.126.1.0/24 maxlen: 24
192.126.23.0/24 maxlen: 24
192.126.24.0/24 maxlen: 24
192.126.35.0/24 maxlen: 24
192.126.44.0/24 maxlen: 24
192.126.46.0/24 maxlen: 24
192.163.32.0/19 maxlen: 19
192.163.64.0/18 maxlen: 18
192.163.128.0/19 maxlen: 19
193.64.0.0/15 maxlen: 15
193.65.129.0/24 maxlen: 24
193.66.0.0/16 maxlen: 16
193.94.0.0/16 maxlen: 16
193.184.0.0/15 maxlen: 15
193.199.0.0/16 maxlen: 16
193.229.0.0/16 maxlen: 16
194.86.0.0/16 maxlen: 16
194.86.35.0/24 maxlen: 24
194.136.0.0/16 maxlen: 16
194.157.0.0/16 maxlen: 16
194.188.0.0/16 maxlen: 16
194.211.0.0/16 maxlen: 16
194.240.0.0/15 maxlen: 15
195.16.192.0/19 maxlen: 19
195.74.0.0/19 maxlen: 19
195.170.128.0/19 maxlen: 19
195.197.0.0/16 maxlen: 16
195.218.64.0/19 maxlen: 19
195.236.0.0/15 maxlen: 15
195.238.192.0/19 maxlen: 19
195.255.0.0/16 maxlen: 16
212.38.224.0/19 maxlen: 19
212.50.192.0/19 maxlen: 19
212.54.0.0/19 maxlen: 19
212.63.0.0/19 maxlen: 19
212.226.0.0/16 maxlen: 16
212.246.0.0/16 maxlen: 16
213.130.224.0/19 maxlen: 19
213.161.32.0/19 maxlen: 19
213.169.0.0/19 maxlen: 19
213.192.128.0/18 maxlen: 18
213.250.64.0/18 maxlen: 18
217.24.96.0/20 maxlen: 20
217.25.96.0/20 maxlen: 20
217.77.192.0/20 maxlen: 20
217.152.0.0/16 maxlen: 16
2001:670::/29 maxlen: 32
2001:998::/29 maxlen: 32
2001:9f0::/29 maxlen: 32
2001:1658::/29 maxlen: 32
2a00:1dd0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.mft
rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:14:5b:3b:e3:a0:31:64:c0:28:1a:6a:d9:06:9c:49:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0dee1b06ba24a676213f976a4b50c129dcb2b73
Validity
Not Before: Apr 8 07:44:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d77ecabeff60a2a46ab4c227ddcce3f906ee361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a9:65:59:95:67:3d:c4:14:b0:82:6c:86:db:
09:21:a3:17:34:43:33:de:9b:05:27:8c:92:16:2a:
ff:ec:49:f3:07:8d:b4:27:b8:67:36:11:d9:e8:2f:
03:1e:06:f6:80:71:ab:05:2e:50:bf:bd:e2:3a:c2:
55:88:00:6e:14:ac:70:b3:5f:19:31:c7:2a:08:18:
a5:dc:9f:48:3a:23:47:36:71:44:5c:12:4f:a6:0d:
48:fe:00:dd:e5:15:17:2c:e9:25:b9:b5:75:26:e8:
31:56:ad:a4:41:bc:b3:7b:d0:a0:f8:9b:78:a8:48:
f4:74:ab:d2:3c:72:14:e7:1e:ec:b6:3f:f1:32:dc:
7c:bc:13:d1:a2:5b:9e:a2:4d:75:0b:a4:c9:bf:73:
bb:00:99:df:32:af:1e:ff:80:96:76:68:56:2b:be:
dc:64:66:17:72:ce:35:bf:70:34:ae:63:1a:1e:9a:
fe:d9:c3:27:54:bb:99:2b:71:67:8a:a6:aa:04:74:
8a:00:bc:75:90:47:43:4b:1b:3c:da:3b:50:1a:e3:
14:15:78:ec:f3:95:6e:e4:02:19:b8:42:39:81:db:
06:71:e5:c3:5d:a8:5e:e3:ad:2d:5b:17:54:4f:6a:
e4:c3:d2:3f:a9:7b:51:7e:47:1f:fb:e5:2c:8d:09:
ec:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:77:EC:AB:EF:F6:0A:2A:46:AB:4C:22:7D:DC:CE:3F:90:6E:E3:61
X509v3 Authority Key Identifier:
keyid:E0:DE:E1:B0:6B:A2:4A:67:62:13:F9:76:A4:B5:0C:12:9D:CB:2B:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/jXfsq-_2CipGq0wifdzOP5Bu42E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.16.0/20
46.182.112.0/21
62.142.0.0/16
62.148.192.0/19
62.216.96.0/19
62.240.64.0/19
62.248.128.0/17
77.109.192.0/18
80.81.160.0/19
80.88.176.0/20
80.186.0.0/16
80.248.96.0/19
81.197.0.0/16
81.209.0.0/17
82.103.192.0/18
82.118.192.0/19
82.141.64.0/18
82.215.192.0/18
83.245.128.0/17
84.230.0.0/15
85.76.0.0/14
85.156.0.0/15
85.217.0.0/17
88.112.0.0/14
91.152.0.0/13
94.22.0.0/16
109.163.248.0/21
109.232.80.0/21
139.97.0.0/16
178.251.56.0/21
192.77.120.0/22
192.102.36.0-192.102.42.255
192.102.49.0-192.102.50.255
192.126.1.0/24
192.126.23.0-192.126.24.255
192.126.35.0/24
192.126.44.0/24
192.126.46.0/24
192.163.32.0-192.163.159.255
193.64.0.0-193.66.255.255
193.94.0.0/16
193.184.0.0/15
193.199.0.0/16
193.229.0.0/16
194.86.0.0/16
194.136.0.0/16
194.157.0.0/16
194.188.0.0/16
194.211.0.0/16
194.240.0.0/15
195.16.192.0/19
195.74.0.0/19
195.170.128.0/19
195.197.0.0/16
195.218.64.0/19
195.236.0.0/15
195.238.192.0/19
195.255.0.0/16
212.38.224.0/19
212.50.192.0/19
212.54.0.0/19
212.63.0.0/19
212.226.0.0/16
212.246.0.0/16
213.130.224.0/19
213.161.32.0/19
213.169.0.0/19
213.192.128.0/18
213.250.64.0/18
217.24.96.0/20
217.25.96.0/20
217.77.192.0/20
217.152.0.0/16
IPv6:
2001:670::/29
2001:998::/29
2001:9f0::/29
2001:1658::/29
2a00:1dd0::/29
Signature Algorithm: sha256WithRSAEncryption
89:59:2c:f8:66:76:a0:58:cd:b9:49:97:ea:f9:17:9f:d9:60:
08:ca:e4:76:b1:a9:d3:fb:e3:2e:a3:8c:6f:2e:0e:d3:3f:95:
d9:5f:78:1b:e4:51:8b:8f:88:66:78:8b:6f:55:65:4c:7e:68:
c0:10:1c:99:4b:95:7b:1c:3a:0b:53:43:47:a7:65:e8:99:4c:
d5:bb:0b:ac:92:cc:cd:cd:07:39:11:59:3b:e1:8d:01:71:1e:
e4:ec:e6:82:8d:7d:36:ef:42:a3:91:c6:62:94:ed:2a:14:e9:
35:ca:79:dc:15:6d:6b:40:22:38:c9:e1:b1:8c:84:ec:78:12:
07:69:1d:aa:3f:e7:e1:eb:bf:62:af:18:82:23:87:12:e0:ae:
b3:71:09:30:68:37:a3:2a:91:35:4d:be:f8:cf:af:ab:d6:a5:
14:4f:cc:46:56:ae:28:a2:a6:eb:ad:a0:99:99:9a:ca:42:bd:
81:e4:c7:49:1e:9d:85:52:d6:2b:dc:66:22:24:a3:84:76:2d:
0c:10:3c:aa:71:cd:32:58:bf:2c:89:fd:04:54:48:41:a8:08:
48:e0:9b:5f:7c:7a:29:45:93:79:a8:37:d5:d5:73:84:73:07:
22:2d:40:df:e7:41:9d:6a:88:ef:67:2b:a0:29:57:f2:5f:30:
62:1e:c0:d6
-----BEGIN CERTIFICATE-----
MIIG7jCCBdagAwIBAgISAZYUWzvjoDFkwCgaatkGnEmpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZGVlMWIwNmJhMjRhNjc2MjEzZjk3NmE0YjUwYzEyOWRj
YjJiNzMwHhcNMjUwNDA4MDc0NDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDc3ZWNhYmVmZjYwYTJhNDZhYjRjMjI3ZGRjY2UzZjkwNmVlMzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqllWZVnPcQUsIJshtsJIaMXNEMz
3psFJ4ySFir/7EnzB420J7hnNhHZ6C8DHgb2gHGrBS5Qv73iOsJViABuFKxws18Z
MccqCBil3J9IOiNHNnFEXBJPpg1I/gDd5RUXLOklubV1JugxVq2kQbyze9Cg+Jt4
qEj0dKvSPHIU5x7stj/xMtx8vBPRolueok11C6TJv3O7AJnfMq8e/4CWdmhWK77c
ZGYXcs41v3A0rmMaHpr+2cMnVLuZK3FniqaqBHSKALx1kEdDSxs82jtQGuMUFXjs
85Vu5AIZuEI5gdsGceXDXahe460tWxdUT2rkw9I/qXtRfkcf++UsjQnsFwIDAQAB
o4ID+jCCA/YwHQYDVR0OBBYEFI137Kvv9goqRqtMIn3czj+QbuNhMB8GA1UdIwQY
MBaAFODe4bBrokpnYhP5dqS1DBKdyytzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE43aHNHdWlTbWRpRV9sMnBMVU1FcDNMSzNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9jMjJkYzktYzdiYS00MTU2LWE3OWMt
MTVlOTBiZjg3ZmFiLzEvalhmc3EtXzJDaXBHcTB3aWZkek9QNUJ1NDJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9jMjJkYzktYzdiYS00MTU2LWE3OWMtMTVlOTBiZjg3ZmFi
LzEvNE43aHNHdWlTbWRpRV9sMnBMVU1FcDNMSzNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICDgYIKwYBBQUHAQcBAf8EggH9MIIB+TCCAcoEAgABMIIB
wgMEBB8HEAMEAy62cAMDAD6OAwQFPpTAAwQFPthgAwQFPvBAAwQHPviAAwQGTW3A
AwQFUFGgAwQEUFiwAwMAULoDBAVQ+GADAwBRxQMEB1HRAAMEBlJnwAMEBVJ2wAME
BlKNQAMEBlLXwAMEB1P1gAMDAVTmAwMCVUwDAwFVnAMEB1XZAAMDAlhwAwMDW5gD
AwBeFgMEA22j+AMEA23oUAMDAIthAwQDsvs4AwQCwE14MAwDBALAZiQDBADAZiow
DAMEAMBmMQMEAMBmMgMEAMB+ATAMAwQAwH4XAwQAwH4YAwQAwH4jAwQAwH4sAwQA
wH4uMAwDBAXAoyADBAXAo4AwCgMDBsFAAwMAwUIDAwDBXgMDAcG4AwMAwccDAwDB
5QMDAMJWAwMAwogDAwDCnQMDAMK8AwMAwtMDAwHC8AMEBcMQwAMEBcNKAAMEBcOq
gAMDAMPFAwQFw9pAAwMBw+wDBAXD7sADAwDD/wMEBdQm4AMEBdQywAMEBdQ2AAME
BdQ/AAMDANTiAwMA1PYDBAXVguADBAXVoSADBAXVqQADBAbVwIADBAbV+kADBATZ
GGADBATZGWADBATZTcADAwDZmDApBAIAAjAjAwUDIAEGcAMFAyABCZgDBQMgAQnw
AwUDIAEWWAMFAyoAHdAwDQYJKoZIhvcNAQELBQADggEBAIlZLPhmdqBYzblJl+r5
F5/ZYAjK5HaxqdP74y6jjG8uDtM/ldlfeBvkUYuPiGZ4i29VZUx+aMAQHJlLlXsc
OgtTQ0enZeiZTNW7C6ySzM3NBzkRWTvhjQFxHuTs5oKNfTbvQqORxmKU7SoU6TXK
edwVbWtAIjjJ4bGMhOx4EgdpHao/5+Hrv2KvGIIjhxLgrrNxCTBoN6MqkTVNvvjP
r6vWpRRPzEZWriiipuutoJmZmspCvYHkx0kenYVS1ivcZiIko4R2LQwQPKpxzTJY
vyyJ/QRUSEGoCEjgm198eilFk3moN9XVc4RzByItQN/nQZ1qiO9nK6ApV/JfMGIe
wNY=
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:01:27 2025 by rpki-client